npm - draft-board - Versions diffs - 0.1.0-beta.0 - Mend

draft-board 0.1.0-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (250) hide show

package/app/backend/.env.example +9 -0
package/app/backend/.smartkanban/evidence/8b383839-cbec-45af-86ee-c7708d075cbe/bddf2ed5-2e21-4d46-a62b-10b87f1642a6_patch.txt +195 -0
package/app/backend/.smartkanban/evidence/8b383839-cbec-45af-86ee-c7708d075cbe/bddf2ed5-2e21-4d46-a62b-10b87f1642a6_stat.txt +6 -0
package/app/backend/CURL_EXAMPLES.md +335 -0
package/app/backend/ENV_SETUP.md +65 -0
package/app/backend/alembic/env.py +71 -0
package/app/backend/alembic/script.py.mako +28 -0
package/app/backend/alembic/versions/001_initial_schema.py +104 -0
package/app/backend/alembic/versions/002_add_jobs_table.py +52 -0
package/app/backend/alembic/versions/003_add_workspace_table.py +48 -0
package/app/backend/alembic/versions/004_add_evidence_table.py +56 -0
package/app/backend/alembic/versions/005_add_verification_commands.py +32 -0
package/app/backend/alembic/versions/006_add_planner_lock_table.py +39 -0
package/app/backend/alembic/versions/007_add_revision_review_tables.py +126 -0
package/app/backend/alembic/versions/008_add_revision_idempotency_and_traceability.py +52 -0
package/app/backend/alembic/versions/009_add_job_health_fields.py +46 -0
package/app/backend/alembic/versions/010_add_review_comment_line_content.py +36 -0
package/app/backend/alembic/versions/011_add_analysis_cache.py +47 -0
package/app/backend/alembic/versions/012_add_boards_table.py +102 -0
package/app/backend/alembic/versions/013_add_ticket_blocking.py +45 -0
package/app/backend/alembic/versions/014_add_agent_sessions.py +220 -0
package/app/backend/alembic/versions/015_add_ticket_sort_order.py +33 -0
package/app/backend/alembic/versions/03220f0b93ae_add_pr_fields_to_ticket.py +49 -0
package/app/backend/alembic/versions/0c2d89fff3b1_seed_board_configs_from_yaml.py +206 -0
package/app/backend/alembic/versions/3348e5cf54c1_add_merge_checklist_table.py +67 -0
package/app/backend/alembic/versions/357c780ee445_add_goal_status.py +34 -0
package/app/backend/alembic/versions/553340b7e26c_add_autonomy_fields_to_goal.py +65 -0
package/app/backend/alembic/versions/774dc335c679_merge_migration_heads.py +23 -0
package/app/backend/alembic/versions/7b307e847cbd_merge_heads.py +23 -0
package/app/backend/alembic/versions/82ecd978cc70_add_missing_indexes.py +48 -0
package/app/backend/alembic/versions/8ef5054dc280_add_normalized_log_entries.py +173 -0
package/app/backend/alembic/versions/8f3e2bd8ea3b_merge_migration_heads.py +23 -0
package/app/backend/alembic/versions/9d17f0698d3b_add_config_column_to_boards_table.py +30 -0
package/app/backend/alembic/versions/add_agent_conversation_history.py +72 -0
package/app/backend/alembic/versions/add_job_variant.py +34 -0
package/app/backend/alembic/versions/add_performance_indexes.py +95 -0
package/app/backend/alembic/versions/add_repos_and_board_repos.py +174 -0
package/app/backend/alembic/versions/add_session_id_to_jobs.py +27 -0
package/app/backend/alembic/versions/add_sqlite_backend_tables.py +104 -0
package/app/backend/alembic/versions/b10fb0b62240_add_diff_content_to_revisions.py +34 -0
package/app/backend/alembic.ini +89 -0
package/app/backend/app/__init__.py +3 -0
package/app/backend/app/data_dir.py +85 -0
package/app/backend/app/database.py +70 -0
package/app/backend/app/database_sync.py +64 -0
package/app/backend/app/dependencies/__init__.py +5 -0
package/app/backend/app/dependencies/auth.py +80 -0
package/app/backend/app/dependencies.py +43 -0
package/app/backend/app/exceptions.py +178 -0
package/app/backend/app/executors/__init__.py +1 -0
package/app/backend/app/executors/adapters/__init__.py +1 -0
package/app/backend/app/executors/adapters/aider.py +152 -0
package/app/backend/app/executors/adapters/amazon_q.py +103 -0
package/app/backend/app/executors/adapters/amp.py +123 -0
package/app/backend/app/executors/adapters/claude.py +177 -0
package/app/backend/app/executors/adapters/cline.py +127 -0
package/app/backend/app/executors/adapters/codex.py +167 -0
package/app/backend/app/executors/adapters/copilot.py +202 -0
package/app/backend/app/executors/adapters/cursor.py +87 -0
package/app/backend/app/executors/adapters/droid.py +123 -0
package/app/backend/app/executors/adapters/gemini.py +132 -0
package/app/backend/app/executors/adapters/goose.py +131 -0
package/app/backend/app/executors/adapters/opencode.py +123 -0
package/app/backend/app/executors/adapters/qwen.py +123 -0
package/app/backend/app/executors/plugins/__init__.py +1 -0
package/app/backend/app/executors/registry.py +202 -0
package/app/backend/app/executors/spec.py +226 -0
package/app/backend/app/main.py +486 -0
package/app/backend/app/middleware/__init__.py +13 -0
package/app/backend/app/middleware/idempotency.py +426 -0
package/app/backend/app/middleware/rate_limit.py +312 -0
package/app/backend/app/middleware/security_headers.py +43 -0
package/app/backend/app/middleware/timeout.py +37 -0
package/app/backend/app/models/__init__.py +56 -0
package/app/backend/app/models/agent_conversation_history.py +56 -0
package/app/backend/app/models/agent_session.py +127 -0
package/app/backend/app/models/analysis_cache.py +49 -0
package/app/backend/app/models/base.py +9 -0
package/app/backend/app/models/board.py +79 -0
package/app/backend/app/models/board_repo.py +68 -0
package/app/backend/app/models/cost_budget.py +42 -0
package/app/backend/app/models/enums.py +40 -0
package/app/backend/app/models/evidence.py +132 -0
package/app/backend/app/models/goal.py +102 -0
package/app/backend/app/models/idempotency_entry.py +30 -0
package/app/backend/app/models/job.py +163 -0
package/app/backend/app/models/job_queue.py +39 -0
package/app/backend/app/models/kv_store.py +28 -0
package/app/backend/app/models/merge_checklist.py +87 -0
package/app/backend/app/models/normalized_log.py +100 -0
package/app/backend/app/models/planner_lock.py +43 -0
package/app/backend/app/models/rate_limit_entry.py +25 -0
package/app/backend/app/models/repo.py +66 -0
package/app/backend/app/models/review_comment.py +91 -0
package/app/backend/app/models/review_summary.py +69 -0
package/app/backend/app/models/revision.py +130 -0
package/app/backend/app/models/ticket.py +223 -0
package/app/backend/app/models/ticket_event.py +83 -0
package/app/backend/app/models/user.py +47 -0
package/app/backend/app/models/workspace.py +71 -0
package/app/backend/app/redis_client.py +119 -0
package/app/backend/app/routers/__init__.py +29 -0
package/app/backend/app/routers/agents.py +296 -0
package/app/backend/app/routers/auth.py +94 -0
package/app/backend/app/routers/board.py +885 -0
package/app/backend/app/routers/dashboard.py +351 -0
package/app/backend/app/routers/debug.py +528 -0
package/app/backend/app/routers/evidence.py +96 -0
package/app/backend/app/routers/executors.py +324 -0
package/app/backend/app/routers/goals.py +574 -0
package/app/backend/app/routers/jobs.py +448 -0
package/app/backend/app/routers/maintenance.py +172 -0
package/app/backend/app/routers/merge.py +360 -0
package/app/backend/app/routers/planner.py +537 -0
package/app/backend/app/routers/pull_requests.py +382 -0
package/app/backend/app/routers/repos.py +263 -0
package/app/backend/app/routers/revisions.py +939 -0
package/app/backend/app/routers/settings.py +267 -0
package/app/backend/app/routers/tickets.py +2003 -0
package/app/backend/app/routers/webhooks.py +143 -0
package/app/backend/app/routers/websocket.py +249 -0
package/app/backend/app/schemas/__init__.py +109 -0
package/app/backend/app/schemas/board.py +87 -0
package/app/backend/app/schemas/common.py +33 -0
package/app/backend/app/schemas/evidence.py +87 -0
package/app/backend/app/schemas/goal.py +90 -0
package/app/backend/app/schemas/job.py +97 -0
package/app/backend/app/schemas/merge.py +139 -0
package/app/backend/app/schemas/planner.py +500 -0
package/app/backend/app/schemas/repo.py +187 -0
package/app/backend/app/schemas/review.py +137 -0
package/app/backend/app/schemas/revision.py +114 -0
package/app/backend/app/schemas/ticket.py +238 -0
package/app/backend/app/schemas/ticket_event.py +72 -0
package/app/backend/app/schemas/workspace.py +19 -0
package/app/backend/app/services/__init__.py +31 -0
package/app/backend/app/services/agent_memory_service.py +223 -0
package/app/backend/app/services/agent_registry.py +346 -0
package/app/backend/app/services/agent_session_manager.py +318 -0
package/app/backend/app/services/agent_session_service.py +219 -0
package/app/backend/app/services/agent_tools.py +379 -0
package/app/backend/app/services/auth_service.py +98 -0
package/app/backend/app/services/autonomy_service.py +380 -0
package/app/backend/app/services/board_repo_service.py +201 -0
package/app/backend/app/services/board_service.py +326 -0
package/app/backend/app/services/cleanup_service.py +1085 -0
package/app/backend/app/services/config_service.py +908 -0
package/app/backend/app/services/context_gatherer.py +557 -0
package/app/backend/app/services/cost_tracking_service.py +293 -0
package/app/backend/app/services/cursor_log_normalizer.py +536 -0
package/app/backend/app/services/delivery_pipeline.py +440 -0
package/app/backend/app/services/executor_service.py +634 -0
package/app/backend/app/services/git_host/__init__.py +11 -0
package/app/backend/app/services/git_host/factory.py +87 -0
package/app/backend/app/services/git_host/github.py +270 -0
package/app/backend/app/services/git_host/gitlab.py +194 -0
package/app/backend/app/services/git_host/protocol.py +75 -0
package/app/backend/app/services/git_merge_simple.py +346 -0
package/app/backend/app/services/git_ops.py +384 -0
package/app/backend/app/services/github_service.py +233 -0
package/app/backend/app/services/goal_service.py +113 -0
package/app/backend/app/services/job_service.py +423 -0
package/app/backend/app/services/job_watchdog_service.py +424 -0
package/app/backend/app/services/langchain_adapter.py +122 -0
package/app/backend/app/services/llm_provider_clients.py +351 -0
package/app/backend/app/services/llm_service.py +285 -0
package/app/backend/app/services/log_normalizer.py +342 -0
package/app/backend/app/services/log_stream_service.py +276 -0
package/app/backend/app/services/merge_checklist_service.py +264 -0
package/app/backend/app/services/merge_service.py +784 -0
package/app/backend/app/services/orchestrator_log.py +84 -0
package/app/backend/app/services/planner_service.py +1662 -0
package/app/backend/app/services/planner_tick_sync.py +1040 -0
package/app/backend/app/services/queued_message_service.py +156 -0
package/app/backend/app/services/reliability_wrapper.py +389 -0
package/app/backend/app/services/repo_discovery_service.py +318 -0
package/app/backend/app/services/review_service.py +334 -0
package/app/backend/app/services/revision_service.py +389 -0
package/app/backend/app/services/safe_autopilot.py +510 -0
package/app/backend/app/services/sqlite_worker.py +372 -0
package/app/backend/app/services/task_dispatch.py +135 -0
package/app/backend/app/services/ticket_generation_service.py +1781 -0
package/app/backend/app/services/ticket_service.py +486 -0
package/app/backend/app/services/udar_planner_service.py +1007 -0
package/app/backend/app/services/webhook_service.py +126 -0
package/app/backend/app/services/workspace_service.py +465 -0
package/app/backend/app/services/worktree_file_service.py +92 -0
package/app/backend/app/services/worktree_validator.py +213 -0
package/app/backend/app/sqlite_kv.py +278 -0
package/app/backend/app/state_machine.py +128 -0
package/app/backend/app/templates/__init__.py +5 -0
package/app/backend/app/templates/registry.py +243 -0
package/app/backend/app/utils/__init__.py +5 -0
package/app/backend/app/utils/artifact_reader.py +87 -0
package/app/backend/app/utils/circuit_breaker.py +229 -0
package/app/backend/app/utils/db_retry.py +136 -0
package/app/backend/app/utils/ignored_fields.py +123 -0
package/app/backend/app/utils/validators.py +54 -0
package/app/backend/app/websocket/__init__.py +5 -0
package/app/backend/app/websocket/manager.py +179 -0
package/app/backend/app/websocket/state_tracker.py +113 -0
package/app/backend/app/worker.py +3190 -0
package/app/backend/calculator_tickets.json +40 -0
package/app/backend/canary_tests.sh +591 -0
package/app/backend/celerybeat-schedule +0 -0
package/app/backend/celerybeat-schedule-shm +0 -0
package/app/backend/celerybeat-schedule-wal +0 -0
package/app/backend/logs/.gitkeep +3 -0
package/app/backend/multiplication_division_implementation_tickets.json +55 -0
package/app/backend/multiplication_division_tickets.json +42 -0
package/app/backend/pyproject.toml +45 -0
package/app/backend/requirements-dev.txt +8 -0
package/app/backend/requirements.txt +20 -0
package/app/backend/run.sh +30 -0
package/app/backend/run_with_logs.sh +10 -0
package/app/backend/scientific_calculator_tickets.json +40 -0
package/app/backend/scripts/extract_openapi.py +21 -0
package/app/backend/scripts/seed_demo.py +187 -0
package/app/backend/setup_demo_review.py +302 -0
package/app/backend/test_actual_parse.py +41 -0
package/app/backend/test_agent_streaming.py +61 -0
package/app/backend/test_parse.py +51 -0
package/app/backend/test_streaming.py +51 -0
package/app/backend/test_subprocess_streaming.py +50 -0
package/app/backend/tests/__init__.py +1 -0
package/app/backend/tests/conftest.py +46 -0
package/app/backend/tests/test_auth.py +341 -0
package/app/backend/tests/test_autonomy_service.py +391 -0
package/app/backend/tests/test_cleanup_service_safety.py +417 -0
package/app/backend/tests/test_middleware.py +279 -0
package/app/backend/tests/test_planner_providers.py +290 -0
package/app/backend/tests/test_planner_unblock.py +183 -0
package/app/backend/tests/test_revision_invariants.py +618 -0
package/app/backend/tests/test_sqlite_kv.py +290 -0
package/app/backend/tests/test_sqlite_worker.py +353 -0
package/app/backend/tests/test_task_dispatch.py +100 -0
package/app/backend/tests/test_ticket_validation.py +304 -0
package/app/backend/tests/test_udar_agent.py +693 -0
package/app/backend/tests/test_webhook_service.py +184 -0
package/app/backend/tickets_output.json +59 -0
package/app/backend/user_management_tickets.json +50 -0
package/app/backend/uvicorn.log +0 -0
package/app/draft.yaml +313 -0
package/app/frontend/dist/assets/index-LcjCczu5.js +155 -0
package/app/frontend/dist/assets/index-_FP_279e.css +1 -0
package/app/frontend/dist/index.html +14 -0
package/app/frontend/dist/vite.svg +1 -0
package/app/frontend/package.json +101 -0
package/bin/cli.js +527 -0
package/package.json +37 -0

package/app/backend/app/templates/registry.py ADDED Viewed

@@ -0,0 +1,243 @@
+"""Project template registry with pre-configured board setups."""
+from typing import TypedDict
+class TemplateGoal(TypedDict, total=False):
+    """A starter goal for a template."""
+    title: str
+    description: str
+class ProjectTemplate(TypedDict):
+    """A project template with pre-configured settings and starter goals."""
+    id: str
+    name: str
+    description: str
+    icon: str
+    category: str
+    config: dict
+    starter_goals: list[TemplateGoal]
+    tags: list[str]
+TEMPLATES: list[ProjectTemplate] = [
+    {
+        "id": "web-app",
+        "name": "Web Application",
+        "description": "Modern web app with React, Next.js, or Vue. Optimized for UI development.",
+        "icon": "🌐",
+        "category": "Frontend",
+        "config": {
+            "execute_config": {
+                "executor_model": "sonnet-4.5",
+                "timeout": 300,
+            }
+        },
+        "starter_goals": [
+            {
+                "title": "Set up project structure",
+                "description": "Initialize the web app with proper folder structure, routing, and build configuration.",
+            },
+            {
+                "title": "Implement responsive layout",
+                "description": "Create a mobile-first responsive layout with navigation and theming support.",
+            },
+        ],
+        "tags": ["react", "nextjs", "vue", "frontend", "ui"],
+    },
+    {
+        "id": "api-service",
+        "name": "API Service",
+        "description": "REST or GraphQL API with FastAPI, Express, or Django. Optimized for backend development.",
+        "icon": "🔌",
+        "category": "Backend",
+        "config": {
+            "execute_config": {
+                "executor_model": "sonnet-4.5",
+                "timeout": 400,
+            }
+        },
+        "starter_goals": [
+            {
+                "title": "Set up API framework",
+                "description": "Initialize the API with routing, middleware, and database connection.",
+            },
+            {
+                "title": "Add authentication",
+                "description": "Implement JWT or OAuth authentication with proper security.",
+            },
+            {
+                "title": "Add API documentation",
+                "description": "Generate OpenAPI/Swagger docs with examples and schemas.",
+            },
+        ],
+        "tags": ["api", "fastapi", "express", "django", "backend", "rest", "graphql"],
+    },
+    {
+        "id": "mobile-app",
+        "name": "Mobile App",
+        "description": "Cross-platform mobile app with React Native or Flutter. Optimized for mobile development.",
+        "icon": "📱",
+        "category": "Mobile",
+        "config": {
+            "execute_config": {
+                "executor_model": "sonnet-4.5",
+                "timeout": 350,
+            }
+        },
+        "starter_goals": [
+            {
+                "title": "Set up navigation",
+                "description": "Configure screen navigation and routing for iOS and Android.",
+            },
+            {
+                "title": "Implement offline support",
+                "description": "Add local data persistence and offline-first architecture.",
+            },
+        ],
+        "tags": ["mobile", "react-native", "flutter", "ios", "android"],
+    },
+    {
+        "id": "data-pipeline",
+        "name": "Data Pipeline",
+        "description": "ETL/analytics pipeline with longer timeout for data processing tasks.",
+        "icon": "📊",
+        "category": "Data",
+        "config": {
+            "execute_config": {
+                "executor_model": "sonnet-4.5",
+                "timeout": 600,  # 10 minutes for data processing
+            }
+        },
+        "starter_goals": [
+            {
+                "title": "Set up data sources",
+                "description": "Configure connections to databases, APIs, or file sources.",
+            },
+            {
+                "title": "Build transformation pipeline",
+                "description": "Implement data cleaning, validation, and transformation logic.",
+            },
+            {
+                "title": "Add monitoring and alerts",
+                "description": "Set up pipeline monitoring, error handling, and alerting.",
+            },
+        ],
+        "tags": ["data", "etl", "analytics", "pipeline", "airflow", "spark"],
+    },
+    {
+        "id": "docs-site",
+        "name": "Documentation Site",
+        "description": "Documentation with Docusaurus, MkDocs, or VitePress. Optimized for content writing.",
+        "icon": "📚",
+        "category": "Content",
+        "config": {
+            "execute_config": {
+                "executor_model": "sonnet-4.5",
+                "timeout": 250,
+            }
+        },
+        "starter_goals": [
+            {
+                "title": "Set up docs structure",
+                "description": "Organize content into sections with proper navigation.",
+            },
+            {
+                "title": "Add search functionality",
+                "description": "Implement full-text search across documentation.",
+            },
+        ],
+        "tags": ["docs", "documentation", "docusaurus", "mkdocs", "vitepress"],
+    },
+    {
+        "id": "library",
+        "name": "Library/Package",
+        "description": "Reusable library or NPM/PyPI package. Optimized for library development.",
+        "icon": "📦",
+        "category": "Library",
+        "config": {
+            "execute_config": {
+                "executor_model": "sonnet-4.5",
+                "timeout": 300,
+            }
+        },
+        "starter_goals": [
+            {
+                "title": "Set up build and packaging",
+                "description": "Configure build tools, TypeScript/types, and package.json/pyproject.toml.",
+            },
+            {
+                "title": "Add comprehensive tests",
+                "description": "Implement unit tests with high coverage and CI integration.",
+            },
+            {
+                "title": "Create usage examples",
+                "description": "Write clear examples and API documentation for library users.",
+            },
+        ],
+        "tags": ["library", "package", "npm", "pypi", "sdk"],
+    },
+    {
+        "id": "ml-model",
+        "name": "Machine Learning",
+        "description": "ML/AI model with training pipelines. Extended timeout for model training.",
+        "icon": "🤖",
+        "category": "AI/ML",
+        "config": {
+            "execute_config": {
+                "executor_model": "sonnet-4.5",
+                "timeout": 900,  # 15 minutes for training
+            }
+        },
+        "starter_goals": [
+            {
+                "title": "Set up training pipeline",
+                "description": "Configure data loading, model architecture, and training loop.",
+            },
+            {
+                "title": "Add experiment tracking",
+                "description": "Integrate MLflow, Weights & Biases, or similar for experiment tracking.",
+            },
+            {
+                "title": "Implement model evaluation",
+                "description": "Create evaluation metrics, validation splits, and model comparison.",
+            },
+        ],
+        "tags": [
+            "ml",
+            "ai",
+            "machine-learning",
+            "pytorch",
+            "tensorflow",
+            "scikit-learn",
+        ],
+    },
+    {
+        "id": "blank",
+        "name": "Blank Project",
+        "description": "Start from scratch with default settings. No starter goals.",
+        "icon": "✨",
+        "category": "Other",
+        "config": {
+            "execute_config": {
+                "executor_model": "sonnet-4.5",
+                "timeout": 300,
+            }
+        },
+        "starter_goals": [],
+        "tags": ["blank", "custom"],
+    },
+]
+def get_template(template_id: str) -> ProjectTemplate | None:
+    """Get a template by ID."""
+    return next((t for t in TEMPLATES if t["id"] == template_id), None)
+def list_templates() -> list[ProjectTemplate]:
+    """List all available templates."""
+    return TEMPLATES

package/app/backend/app/utils/__init__.py ADDED Viewed

@@ -0,0 +1,5 @@
+"""Utility modules for the backend application."""
+from app.utils.artifact_reader import read_artifact
+__all__ = ["read_artifact"]

package/app/backend/app/utils/artifact_reader.py ADDED Viewed

@@ -0,0 +1,87 @@
+"""Safe artifact reading utilities.
+Security Policy:
+    - Only reads files under central data dir or <repo_root>/.draft (legacy)
+    - Rejects absolute paths (unless under central data dir)
+    - Resolves canonical paths (follows symlinks)
+    - Caps file size to prevent memory exhaustion
+"""
+import os
+from pathlib import Path
+# Maximum artifact file size to read (2MB)
+MAX_ARTIFACT_BYTES = 2_000_000
+def _is_under(target: Path, allowed_root: Path) -> bool:
+    """Check if target path is under allowed_root using canonical paths."""
+    try:
+        common = os.path.commonpath(
+            [str(target.resolve(strict=False)), str(allowed_root.resolve(strict=False))]
+        )
+    except ValueError:
+        return False
+    return common == str(allowed_root.resolve(strict=False))
+def _read_with_cap(target: Path) -> str | None:
+    """Read a file with size cap to prevent memory exhaustion."""
+    if not target.is_file():
+        return None
+    try:
+        size = target.stat().st_size
+        if size > MAX_ARTIFACT_BYTES:
+            with target.open("rb") as f:
+                data = f.read(MAX_ARTIFACT_BYTES)
+            return data.decode("utf-8", errors="replace") + "\n\n[truncated]"
+        return target.read_text(encoding="utf-8", errors="replace")
+    except OSError:
+        return None
+def read_artifact(repo_root: Path, relpath: str | None) -> str | None:
+    """Safely read an artifact file, enforcing security constraints.
+    Security Policy:
+        - Accepts absolute paths under central data dir (~/.draft/)
+        - Accepts relative paths under <repo_root>/.draft (legacy)
+        - Resolves canonical path (follows symlinks)
+        - Caps file size to prevent memory exhaustion
+    Args:
+        repo_root: Absolute path to the repository root
+        relpath: Path to the artifact (absolute under data dir, or relative)
+    Returns:
+        File content if safe and exists, None otherwise
+    """
+    if not relpath:
+        return None
+    from app.data_dir import get_data_dir
+    rel = Path(relpath)
+    # If absolute path, check if it's under the central data dir
+    if rel.is_absolute():
+        data_dir = get_data_dir()
+        if _is_under(rel, data_dir):
+            return _read_with_cap(rel)
+        return None
+    # Try central data dir first (new paths)
+    data_dir = get_data_dir()
+    target = (data_dir / rel).resolve(strict=False)
+    if _is_under(target, data_dir):
+        result = _read_with_cap(target)
+        if result is not None:
+            return result
+    # Fall back to legacy <repo_root>/.draft
+    allowed_root = (repo_root / ".draft").resolve(strict=False)
+    target = (repo_root / rel).resolve(strict=False)
+    if _is_under(target, allowed_root):
+        return _read_with_cap(target)
+    return None

package/app/backend/app/utils/circuit_breaker.py ADDED Viewed

@@ -0,0 +1,229 @@
+"""Circuit breaker pattern for resilient external API calls.
+Prevents cascading failures by temporarily stopping requests to a failing service,
+giving it time to recover.
+"""
+import logging
+import threading
+from collections.abc import Callable
+from datetime import datetime, timedelta
+from enum import StrEnum
+from typing import TypeVar
+logger = logging.getLogger(__name__)
+T = TypeVar("T")
+class CircuitState(StrEnum):
+    """Circuit breaker states."""
+    CLOSED = "closed"  # Normal operation
+    OPEN = "open"  # Failing, reject requests immediately
+    HALF_OPEN = "half_open"  # Testing if service recovered
+class CircuitBreakerError(Exception):
+    """Raised when circuit breaker is open."""
+    pass
+class CircuitBreaker:
+    """Circuit breaker for external API calls with automatic recovery.
+    States:
+        - CLOSED: Normal operation, requests pass through
+        - OPEN: Too many failures, reject all requests immediately
+        - HALF_OPEN: Testing recovery, allow limited requests
+    Transitions:
+        - CLOSED -> OPEN: After failure_threshold consecutive failures
+        - OPEN -> HALF_OPEN: After timeout_seconds elapsed
+        - HALF_OPEN -> CLOSED: After success_threshold consecutive successes
+        - HALF_OPEN -> OPEN: On any failure
+    Thread-safe.
+    """
+    def __init__(
+        self,
+        name: str = "default",
+        failure_threshold: int = 5,
+        success_threshold: int = 2,
+        timeout_seconds: int = 60,
+    ):
+        """Initialize circuit breaker.
+        Args:
+            name: Name for logging
+            failure_threshold: Number of failures before opening circuit
+            success_threshold: Number of successes needed to close circuit (from half-open)
+            timeout_seconds: Seconds to wait before trying half-open
+        """
+        self.name = name
+        self.failure_threshold = failure_threshold
+        self.success_threshold = success_threshold
+        self.timeout_seconds = timeout_seconds
+        self._state = CircuitState.CLOSED
+        self._failure_count = 0
+        self._success_count = 0
+        self._last_failure_time: datetime | None = None
+        self._lock = threading.RLock()
+    @property
+    def state(self) -> CircuitState:
+        """Get current circuit state (thread-safe)."""
+        with self._lock:
+            return self._state
+    @property
+    def failure_count(self) -> int:
+        """Get current failure count (thread-safe)."""
+        with self._lock:
+            return self._failure_count
+    def call(self, func: Callable[..., T], *args, **kwargs) -> T:
+        """Execute a function with circuit breaker protection.
+        Args:
+            func: Function to call
+            *args: Positional arguments for func
+            **kwargs: Keyword arguments for func
+        Returns:
+            Return value from func
+        Raises:
+            CircuitBreakerError: If circuit is open
+            Exception: If func raises an exception
+        """
+        with self._lock:
+            current_state = self._state
+            # Check if we should transition from OPEN to HALF_OPEN
+            if current_state == CircuitState.OPEN:
+                if self._should_attempt_reset():
+                    logger.info(
+                        f"Circuit breaker '{self.name}' transitioning OPEN -> HALF_OPEN "
+                        f"(timeout elapsed: {self.timeout_seconds}s)"
+                    )
+                    self._state = CircuitState.HALF_OPEN
+                    self._success_count = 0
+                    current_state = CircuitState.HALF_OPEN
+                else:
+                    # Still open, reject immediately
+                    time_since_failure = (
+                        datetime.now() - self._last_failure_time
+                    ).total_seconds()
+                    raise CircuitBreakerError(
+                        f"Circuit breaker '{self.name}' is OPEN "
+                        f"({self._failure_count} failures, retry in "
+                        f"{self.timeout_seconds - time_since_failure:.0f}s)"
+                    )
+        # Execute the function (outside lock to avoid blocking other threads)
+        try:
+            result = func(*args, **kwargs)
+            self._on_success()
+            return result
+        except Exception as e:
+            self._on_failure(e)
+            raise
+    def _should_attempt_reset(self) -> bool:
+        """Check if enough time has passed to attempt reset (must hold lock)."""
+        if self._last_failure_time is None:
+            return True
+        elapsed = datetime.now() - self._last_failure_time
+        return elapsed >= timedelta(seconds=self.timeout_seconds)
+    def _on_success(self):
+        """Handle successful call (transitions HALF_OPEN -> CLOSED)."""
+        with self._lock:
+            if self._state == CircuitState.HALF_OPEN:
+                self._success_count += 1
+                logger.info(
+                    f"Circuit breaker '{self.name}' success in HALF_OPEN "
+                    f"({self._success_count}/{self.success_threshold})"
+                )
+                if self._success_count >= self.success_threshold:
+                    logger.info(
+                        f"Circuit breaker '{self.name}' transitioning HALF_OPEN -> CLOSED "
+                        f"(service recovered)"
+                    )
+                    self._state = CircuitState.CLOSED
+                    self._failure_count = 0
+                    self._success_count = 0
+                    self._last_failure_time = None
+            elif self._state == CircuitState.CLOSED:
+                # Reset failure count on success in closed state
+                if self._failure_count > 0:
+                    logger.debug(
+                        f"Circuit breaker '{self.name}' success, "
+                        f"resetting failure count from {self._failure_count}"
+                    )
+                    self._failure_count = 0
+    def _on_failure(self, exception: Exception):
+        """Handle failed call (transitions CLOSED -> OPEN, HALF_OPEN -> OPEN)."""
+        with self._lock:
+            self._failure_count += 1
+            self._last_failure_time = datetime.now()
+            if self._state == CircuitState.HALF_OPEN:
+                # Any failure in half-open immediately opens circuit
+                logger.warning(
+                    f"Circuit breaker '{self.name}' failed in HALF_OPEN -> OPEN "
+                    f"(service still failing: {exception})"
+                )
+                self._state = CircuitState.OPEN
+                self._success_count = 0
+            elif self._state == CircuitState.CLOSED:
+                if self._failure_count >= self.failure_threshold:
+                    logger.error(
+                        f"Circuit breaker '{self.name}' CLOSED -> OPEN "
+                        f"(threshold reached: {self._failure_count} failures)"
+                    )
+                    self._state = CircuitState.OPEN
+                else:
+                    logger.warning(
+                        f"Circuit breaker '{self.name}' failure "
+                        f"{self._failure_count}/{self.failure_threshold}: {exception}"
+                    )
+    def reset(self):
+        """Manually reset circuit breaker to CLOSED state."""
+        with self._lock:
+            logger.info(f"Circuit breaker '{self.name}' manually reset to CLOSED")
+            self._state = CircuitState.CLOSED
+            self._failure_count = 0
+            self._success_count = 0
+            self._last_failure_time = None
+    def get_status(self) -> dict:
+        """Get circuit breaker status (for monitoring/debugging)."""
+        with self._lock:
+            status = {
+                "name": self.name,
+                "state": self._state.value,
+                "failure_count": self._failure_count,
+                "success_count": self._success_count,
+                "failure_threshold": self.failure_threshold,
+                "success_threshold": self.success_threshold,
+                "timeout_seconds": self.timeout_seconds,
+            }
+            if self._last_failure_time:
+                status["last_failure_time"] = self._last_failure_time.isoformat()
+                time_since_failure = (
+                    datetime.now() - self._last_failure_time
+                ).total_seconds()
+                status["seconds_since_failure"] = int(time_since_failure)
+            return status